Desjardins, one of the world’s largest banks and Canada’s largest credit union, suffered a data leak that was contributed to an ill-intentioned employee that stole information on 2.9 million customers. The employee stole information of almost 2.7 million home users that include their full names, dates of birth, addresses, phone numbers, email addresses, and banking habit details. Almost 173,000 business customers were also affected. The leaked information included the business name, address, phone number, owner name and users of the AccesD Affaires account. No internet banking passwords, security questions, account PINs, or credit and debit card numbers appear to have been exposed. Desjardins became aware of the incident on June 14th, 2019 and immediately notified authorities. The company has terminated the employee, implemented additional monitoring and security measures and is working with authorities to prevent future incidents.
Users who were affected by this breach are recommended to change their login credentials in an attempt to prevent unauthorized access. Users should also employ a credit monitoring service to keep a watchful eye on their accounts.